/**
 * Copyright &copy; 2016-2017 <a href="http://git.oschina.net/whoamien/backend_management">Backend Management</a> All rights reserved.
 */
package com.xw.app.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import com.captcha.botdetect.web.servlet.Captcha;
import com.xw.app.model.SystemConfig;
import com.xw.app.service.SystemConfigService;
import com.xw.framework.base.controller.BaseSpringController;
import com.xw.framework.vo.UserSessionInfo;
import com.xw.util.AppConstant;

/**
 * The Class LoginController.
 *
 * @author Xi Wei
 */
@Controller
public class LoginController extends BaseSpringController {

	@Autowired
	private SystemConfigService systemConfigService;
	
	/**
	 * To login.
	 *
	 * @param redirectURL the redirect URL
	 * @param request the request
	 * @return the model and view
	 * @throws Exception the exception
	 */
	@RequestMapping(value="/login",method = RequestMethod.GET)
	public ModelAndView toLogin(String redirectURL, HttpServletRequest request)throws Exception{
		SystemConfig systemConfig = systemConfigService.getActiveSystemConfig();
		ModelMap modelmap = new ModelMap();
		
		modelmap.addAttribute("redirectURL", redirectURL);
		modelmap.addAttribute("systemConfig", systemConfig);
		request.getSession().setAttribute("SystemConfig", systemConfig);
		ModelAndView result = new ModelAndView("/login");
		
		result.addAllObjects(modelmap);
		return result;		
	}
	
	/**
	 * Logout.
	 *
	 * @param request the request
	 * @return the string
	 */
	@RequestMapping(value="/logout",method = RequestMethod.GET)
	public String logout(HttpServletRequest request){
		HttpSession session = request.getSession();
		session.removeAttribute(AppConstant.SESSION_USER_ID);
		session.removeAttribute(UserSessionInfo.USER_SESSION_INFO_KEY);
		Subject subject = SecurityUtils.getSubject();
		if (subject != null) {
			subject.logout();
		}
		return "redirect:/login";
	}
	
	/**
	 * Fail.
	 *
	 * @param userName the user name
	 * @param model the model
	 * @return the string
	 */
	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public String fail(@RequestParam(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM) String userName, Model model) {
		model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, userName);
		System.out.println("failed to login=====================");
		return "redirect:/login";
	}
	
	@RequestMapping("/json/checkCaptcha")
	@ResponseBody
	public boolean checkCaptcha(HttpServletRequest request){
		String userInput = request.getParameter("captchaCode");
		String captchaId = request.getParameter("captchaId");
		String instanceId = request.getParameter("instanceId");
		
		Captcha captcha = Captcha.load(request, captchaId);
		boolean isHuman = captcha.validate(userInput, instanceId);
		
		return isHuman;
	}
}
